Overview

Early detection of hidden adversaries

To minimise the impact of security breaches, it is essential to identify them as early as possible. Cyber threat hunting facilitates the early detection of attacks, using high-fidelity telemetry and the latest threat intelligence to proactively identify the activities of known and unknown adversaries.

Definition

What is cyber threat hunting?

Cyber threat hunting is the process of proactively searching across networks and endpoints to identify threats that evade security controls. Using a combination of manual and machine-assisted techniques, threat hunters search for indicators of compromise (IOCs) across an organisation’s IT environments.

By hunting for evidence that a breach has occurred, threat hunting enables security teams to identify unknown threats and respond quickly and effectively to them before they cause damage and disruption.

Redscan's SOC team conducting cyber threat hunting

Managed Threat Hunting

How can a managed threat hunting service from Redscan help?

Threat hunting is resource-intensive, requiring a deep understanding of cyber threats and the tactics, techniques and procedures (TTPs) of criminal adversaries. Without this level of expertise, organisations risk leaving themselves exposed.

ThreatDetect™, Redscan’s outcome-focused Managed Detection and Response (MDR) service, integrates the latest detection technologies and intelligence with a team of offensive cyber security professionals to provide the hunting capability needed to proactively detect threats.

Our experienced team of Red and Blue Team security professionals have a deep knowledge of offensive security and apply this knowledge to help better identify unknown threats. This is informed and enhanced by intelligence from Redscan Labs, our specialist threat research and analytics division.

Hunt team

About the Redscan hunt team

Activities undertaken by our team to better identify threats include:

  • Hypothesis-driven investigation
  • Optimising security technologies
  • Reviewing and applying threat intelligence
  • Integrating new sources of telemetry
  • Configuring custom rulesets and watchlists
  • Root cause and kill chain analysis

Threat Hunting FAQs

Frequently asked questions

What is threat hunting?

Threat hunting in cyber security is the process of proactively searching across an organisation’s environment to identify hidden threats and shut them down before they cause damage and disruption.

What are the benefits of threat hunting?

Threat hunting can help to significantly reduce both mean time to detect (MTTD) and mean time to respond (MTTR) to threats. By proactively uncovering security events and highlighting gaps in threat visibility and coverage, threat hunting can help organisations to better defend their critical assets and reputation.

What is a cyber hunt team?

A cyber hunt team is the group of experts responsible for performing threat hunting. Typically, a cyber hunt team will contain a mix of security skillsets, and hunt team members will work together to hunt for and shut down threats.

What does a threat hunter do?

Using a combination of manual and machine-assisted techniques, threat hunters search for indicators of compromise (IOCs) across an organisation’s IT environments. Threat hunters often work under a theory of assumed compromise, hypothesising about threat behaviours to identify intrusions.

What are threat hunting techniques?

Threat hunting techniques are the practices conducted by threat hunters. These could include the optimisation of security technologies for new sources of telemetry, configuration of custom rulesets and watchlists, incident investigation and kill chain analysis.

What is threat modelling?

Threat modelling in cyber security is the structured process of proactively identifying threats and developing specific procedures and countermeasures to help mitigate them. This helps to determine how resources should be aligned should similar threats arise in the future.

What are the challenges of threat hunting?

Threat hunting is time- and resource-intensive, requiring a deep understanding of network and endpoint detection technologies, as well as adversarial tactics, techniques and procedures (TTPs). For all but the largest organisations, building a hunt team and arming them with the necessary technology and intelligence is very difficult to achieve in-house. This has led to more and more organisations seeking outsourced threat hunting services.

Expertise

Our security qualifications

About us

Why choose Redscan?

  • A leading UK-based MDR company
  • Red and blue team CREST CSOC expertise
  • High-quality intelligence and actionable outcomes
  • Quick and hassle-free service deployment
  • An agnostic approach to technology selection
  • Avg. >9/10 customer satisfaction, 95% retention rate
